Description

As he'll tell you in this interview, Barry Dorrans (aka @blowdart) had a bit of an epiphany preparing for this recording in that his job is somewhat like that of infamous "Clippy". Whenever someone starts a new project, Barry and his coworkers pop up and ask whether they can help with security and "no" is never the right answer.

The mandatory participation in the secure development lifecycle is all part of Microsoft's ongoing, decade-old trustworthy computing initiative, which has resulted in Microsoft's software and services to embody security best practices. More information about out secure development lifecycle can be found at http://microsoft.com/sdl

Barry and I sat down to discuss the SDL, but also touch on 0-day vulnerabilities and their handling, and like anyone involved in security he has some interesting war stories to share and also some insights from recent security conferences that seem worth paying more attention to and if it's only to learn about the creativity with which people get through closed doors.